CDP (Cisco Discovery Protocol )邻居发现协议
CDP协议工作在数据链路层,是cisco私有的一种协议,并且和传输介质和与协议无关。
只要物理层和数据链路层正常,CDP就可以正常工作。
运行在包括的所有Cisco生产的设备: 路由器 、网桥 、接入服务器 、交换机
可以通过CDP协议来发现直接相连的cisco设备的信息。在默认情况下,cisco设备启用CDP协议
并周期性60s发送CDP通告给直接相连的cisco设备。
使用组播MAC地址01:00:0C:CC:CC:CC.
另外:如果思科设备的中间串接其他厂家的交换机或集线器,CDP协议照样正常工作,可以发现cisco设备。
拓扑:
R1(config)#int e0/0
R1(config-if)#ip add 12.1.1.1 255.255.255.0
R1(config-if)#no shut
R2(config)#int e0/0
R2(config-if)#ip add 12.1.1.2 255.255.255.0
R2(config-if)#no shut
R1#show cdp //查看CDP
Global CDP information:
Sending CDP packets every 60 seconds
Sending a holdtime value of 180 seconds
Sending CDPv2 advertisements is enabled
R1#
R1(config)#cdp timer 30 //修改CDP发送间隔为30s
R1(config)#cdp holdtime 150 //修改CDP超时时间为150s
R1#show cdp //修改完以后查看时间
Global CDP information:
Sending CDP packets every 30 seconds
Sending a holdtime value of 150 seconds
Sending CDPv2 advertisements is enabled
默认设备是开启的,为了防止通过CDP协议发现直连设备的状态信息,比如ip地址,IOS等等
有时候出于安全性,会关闭CDP
R1(config)#no cdp run //全局关闭CDP协议
R1#show cdp
% CDP is not enabled
R1(config)#cdp run //开启CDP协议
或者进入接口关闭
R1(config)#int e0/0
R1(config-if)#no cdp enable //进入接口关闭CDP协议
R1(config-if)#cdp enable //接口开启CDP协议
R1#show cdp interface //查看使能CDP的接口
Ethernet0/1 is administratively down, line protocol is down
Encapsulation ARPA
Sending CDP packets every 60 seconds
Holdtime is 180 seconds
R1#show cdp neighbors //查看CDP邻居
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,
D - Remote, C - CVTA, M - Two-port Mac Relay
Device ID Local Intrfce Holdtme Capability Platform Port ID
R2 Eth 0/0 165 R B Linux Uni Eth 0/0
-----------------------------------------------------------
Device ID -----邻居设备的hostname
Local Intrfce -----表示当前设备的本地接口
Holdtme -----表示超时时间
Capability -----表示连接的设备,R代表路由器,S代表交换机 R S代表既有路由器及交换机的能力
Platform -----表示设备的具体型号,模拟器看到的是Linux平台,如果真机中看到的是真实的型号。
Port ID ------表示远端设备的连接接口
R1#show cdp neighbors detail //查看CDP邻居具体信息
-------------------------
Device ID: R2 //邻居设备ID
Entry address(es):
IP address: 12.1.1.2 //邻居接口ip地址
Platform: Linux Unix, Capabilities: Router Source-Route-Bridge
Interface: Ethernet0/0, Port ID (outgoing port): Ethernet0/0
Holdtime : 143 sec
Version :
Cisco IOS Software, Linux Software (I86BI_LINUX-ADVENTERPRISEK9-M), Version 15.4(1)T, DEVELOPMENT TEST SOFTWARE
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Sat 23-Nov-13 03:28 by prod_rel_team
advertisement version: 2
Duplex: half
Management address(es):
IP address: 12.1.1.2
Total cdp entries displayed : 1
R1#show cdp entry * //查看CDP邻居所有信息
-------------------------
Device ID: R2
Entry address(es):
IP address: 12.1.1.2
Platform: Linux Unix, Capabilities: Router Source-Route-Bridge
Interface: Ethernet0/0, Port ID (outgoing port): Ethernet0/0
Holdtime : 153 sec
Version :
Cisco IOS Software, Linux Software (I86BI_LINUX-ADVENTERPRISEK9-M), Version 15.4(1)T, DEVELOPMENT TEST SOFTWARE
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Sat 23-Nov-13 03:28 by prod_rel_team
advertisement version: 2
Duplex: half
Management address(es):
IP address: 12.1.1.2
R1#show cdp entry R2 //查看邻居R2,这个地方注意Device ID的大小写。
-------------------------
Device ID: R2
Entry address(es):
IP address: 12.1.1.2
Platform: Linux Unix, Capabilities: Router Source-Route-Bridge
Interface: Ethernet0/0, Port ID (outgoing port): Ethernet0/0
Holdtime : 171 sec
Version :
Cisco IOS Software, Linux Software (I86BI_LINUX-ADVENTERPRISEK9-M), Version 15.4(1)T, DEVELOPMENT TEST SOFTWARE
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Sat 23-Nov-13 03:28 by prod_rel_team
advertisement version: 2
Duplex: half
Management address(es):
IP address: 12.1.1.2
R1#show cdp traffic //查看CDP流量
CDP counters :
Total packets output: 2959, Input: 2955
Hdr syntax: 0, Chksum error: 0, Encaps failed: 1
No memory: 0, Invalid packet: 0,
CDP version 1 advertisements output: 0, Input: 0
CDP version 2 advertisements output: 2959, Input: 2955
注意:目前CCIE 诊断考试中已经有考到,考试中会有CDP报文,让你分析是哪两台设备之间的接口。
大家只要关注红色标记的地方即可。wireshark 抓包中可以进行删选,输入cdp即可